1. Field
Various features pertain to a scalable mechanism that can leverage social networks or online communities for authentication and security.
2. Background
Current trends in privacy violations and poor management of user policies on social networks and online communities suggest a desperate need for an easier means to authenticate users, encrypt content, and/or grant/restrict access to such content. User-friendly means of constructing and sharing public keys have been designed—e.g., identity based encryption or the notion of using Uniform Resource Identifiers (URIs) as the public key. However, the ability to auto-generate a certificate (or a web of trust) does not currently exist. Without this, the public-private key pairs do not allow for authentication, authorization or non-repudiation. A Public Key Infrastructure (PKI) is a hierarchical means of accomplishing this—however, cost and scalability have prevented this from becoming the defacto mechanism. The notion of a “web of trust” solves this problem; however, this has traditionally required key-signing parties or the like.
As social networks expand, there are opportunities to leverage information therein for various purposes. It would be beneficial to provide a scalable mechanism that can leverage social networks or online communities for authentication and security.